Thomas Gleixner | ec8f24b | 2019-05-19 13:07:45 +0100 | [diff] [blame] | 1 | # SPDX-License-Identifier: GPL-2.0-only |
Joonsoo Kim | eefa864b | 2014-12-12 16:55:46 -0800 | [diff] [blame] | 2 | config PAGE_EXTENSION |
| 3 | bool "Extend memmap on extra space for more information on page" |
Masahiro Yamada | a7f7f62 | 2020-06-14 01:50:22 +0900 | [diff] [blame] | 4 | help |
Joonsoo Kim | eefa864b | 2014-12-12 16:55:46 -0800 | [diff] [blame] | 5 | Extend memmap on extra space for more information on page. This |
| 6 | could be used for debugging features that need to insert extra |
| 7 | field for every page. This extension enables us to save memory |
| 8 | by not allocating this extra memory according to boottime |
| 9 | configuration. |
| 10 | |
Akinobu Mita | ee3b429 | 2009-04-02 16:56:30 -0700 | [diff] [blame] | 11 | config DEBUG_PAGEALLOC |
| 12 | bool "Debug page memory allocations" |
Akinobu Mita | 7bc32f6 | 2011-03-22 16:32:46 -0700 | [diff] [blame] | 13 | depends on DEBUG_KERNEL |
| 14 | depends on !HIBERNATION || ARCH_SUPPORTS_DEBUG_PAGEALLOC && !PPC && !SPARC |
Akinobu Mita | 7bc32f6 | 2011-03-22 16:32:46 -0700 | [diff] [blame] | 15 | select PAGE_POISONING if !ARCH_SUPPORTS_DEBUG_PAGEALLOC |
Masahiro Yamada | a7f7f62 | 2020-06-14 01:50:22 +0900 | [diff] [blame] | 16 | help |
Akinobu Mita | ee3b429 | 2009-04-02 16:56:30 -0700 | [diff] [blame] | 17 | Unmap pages from the kernel linear mapping after free_pages(). |
Christian Borntraeger | ea6eabb | 2016-03-15 14:55:30 -0700 | [diff] [blame] | 18 | Depending on runtime enablement, this results in a small or large |
| 19 | slowdown, but helps to find certain types of memory corruption. |
Akinobu Mita | ee3b429 | 2009-04-02 16:56:30 -0700 | [diff] [blame] | 20 | |
Vlastimil Babka | 4462b32 | 2019-07-11 20:55:09 -0700 | [diff] [blame] | 21 | Also, the state of page tracking structures is checked more often as |
| 22 | pages are being allocated and freed, as unexpected state changes |
| 23 | often happen for same reasons as memory corruption (e.g. double free, |
Vlastimil Babka | 8974558 | 2019-09-23 15:34:42 -0700 | [diff] [blame] | 24 | use-after-free). The error reports for these checks can be augmented |
| 25 | with stack traces of last allocation and freeing of the page, when |
| 26 | PAGE_OWNER is also selected and enabled on boot. |
Vlastimil Babka | 4462b32 | 2019-07-11 20:55:09 -0700 | [diff] [blame] | 27 | |
Akinobu Mita | 7bc32f6 | 2011-03-22 16:32:46 -0700 | [diff] [blame] | 28 | For architectures which don't enable ARCH_SUPPORTS_DEBUG_PAGEALLOC, |
| 29 | fill the pages with poison patterns after free_pages() and verify |
Vlastimil Babka | 4462b32 | 2019-07-11 20:55:09 -0700 | [diff] [blame] | 30 | the patterns before alloc_pages(). Additionally, this option cannot |
| 31 | be enabled in combination with hibernation as that would result in |
| 32 | incorrect warnings of memory corruption after a resume because free |
| 33 | pages are not saved to the suspend image. |
Akinobu Mita | 7bc32f6 | 2011-03-22 16:32:46 -0700 | [diff] [blame] | 34 | |
Christian Borntraeger | ea6eabb | 2016-03-15 14:55:30 -0700 | [diff] [blame] | 35 | By default this option will have a small overhead, e.g. by not |
| 36 | allowing the kernel mapping to be backed by large pages on some |
| 37 | architectures. Even bigger overhead comes when the debugging is |
| 38 | enabled by DEBUG_PAGEALLOC_ENABLE_DEFAULT or the debug_pagealloc |
| 39 | command line parameter. |
| 40 | |
| 41 | config DEBUG_PAGEALLOC_ENABLE_DEFAULT |
| 42 | bool "Enable debug page memory allocations by default?" |
Christian Borntraeger | ea6eabb | 2016-03-15 14:55:30 -0700 | [diff] [blame] | 43 | depends on DEBUG_PAGEALLOC |
Masahiro Yamada | a7f7f62 | 2020-06-14 01:50:22 +0900 | [diff] [blame] | 44 | help |
Christian Borntraeger | ea6eabb | 2016-03-15 14:55:30 -0700 | [diff] [blame] | 45 | Enable debug page memory allocations by default? This value |
| 46 | can be overridden by debug_pagealloc=off|on. |
| 47 | |
Vlastimil Babka | 0710d01 | 2022-05-25 13:25:59 +0200 | [diff] [blame] | 48 | config DEBUG_SLAB |
| 49 | bool "Debug slab memory allocations" |
| 50 | depends on DEBUG_KERNEL && SLAB |
| 51 | help |
| 52 | Say Y here to have the kernel do limited verification on memory |
| 53 | allocation as well as poisoning memory on free to catch use of freed |
| 54 | memory. This can make kmalloc/kfree-intensive workloads much slower. |
| 55 | |
| 56 | config SLUB_DEBUG |
| 57 | default y |
| 58 | bool "Enable SLUB debugging support" if EXPERT |
Vlastimil Babka | e240e53 | 2022-11-14 18:13:45 +0100 | [diff] [blame] | 59 | depends on SLUB && SYSFS && !SLUB_TINY |
Linus Torvalds | 8291eaa | 2022-05-27 11:40:49 -0700 | [diff] [blame] | 60 | select STACKDEPOT if STACKTRACE_SUPPORT |
Vlastimil Babka | 0710d01 | 2022-05-25 13:25:59 +0200 | [diff] [blame] | 61 | help |
| 62 | SLUB has extensive debug support features. Disabling these can |
| 63 | result in significant savings in code size. This also disables |
| 64 | SLUB sysfs support. /sys/slab will not exist and there will be |
| 65 | no support for cache validation etc. |
| 66 | |
| 67 | config SLUB_DEBUG_ON |
| 68 | bool "SLUB debugging on by default" |
| 69 | depends on SLUB && SLUB_DEBUG |
Linus Torvalds | 8291eaa | 2022-05-27 11:40:49 -0700 | [diff] [blame] | 70 | select STACKDEPOT_ALWAYS_INIT if STACKTRACE_SUPPORT |
Vlastimil Babka | 0710d01 | 2022-05-25 13:25:59 +0200 | [diff] [blame] | 71 | default n |
| 72 | help |
| 73 | Boot with debugging on by default. SLUB boots by default with |
| 74 | the runtime debug capabilities switched off. Enabling this is |
| 75 | equivalent to specifying the "slub_debug" parameter on boot. |
| 76 | There is no support for more fine grained debug control like |
| 77 | possible with slub_debug=xxx. SLUB debugging may be switched |
| 78 | off in a kernel built with CONFIG_SLUB_DEBUG_ON by specifying |
| 79 | "slub_debug=-". |
| 80 | |
Changbin Du | 8aa4976 | 2019-03-05 15:46:19 -0800 | [diff] [blame] | 81 | config PAGE_OWNER |
| 82 | bool "Track page owner" |
| 83 | depends on DEBUG_KERNEL && STACKTRACE_SUPPORT |
| 84 | select DEBUG_FS |
| 85 | select STACKTRACE |
| 86 | select STACKDEPOT |
| 87 | select PAGE_EXTENSION |
| 88 | help |
| 89 | This keeps track of what call chain is the owner of a page, may |
| 90 | help to find bare alloc_page(s) leaks. Even if you include this |
| 91 | feature on your build, it is disabled in default. You should pass |
| 92 | "page_owner=on" to boot parameter in order to enable it. Eats |
SeongJae Park | 799fb82a | 2023-01-03 18:07:52 +0000 | [diff] [blame] | 93 | a fair amount of memory if enabled. See tools/mm/page_owner_sort.c |
Changbin Du | 8aa4976 | 2019-03-05 15:46:19 -0800 | [diff] [blame] | 94 | for user-space helper. |
| 95 | |
| 96 | If unsure, say N. |
| 97 | |
Pasha Tatashin | df4e817 | 2022-01-14 14:06:37 -0800 | [diff] [blame] | 98 | config PAGE_TABLE_CHECK |
| 99 | bool "Check for invalid mappings in user page tables" |
| 100 | depends on ARCH_SUPPORTS_PAGE_TABLE_CHECK |
| 101 | select PAGE_EXTENSION |
| 102 | help |
| 103 | Check that anonymous page is not being mapped twice with read write |
| 104 | permissions. Check that anonymous and file pages are not being |
| 105 | erroneously shared. Since the checking is performed at the time |
| 106 | entries are added and removed to user page tables, leaking, corruption |
| 107 | and double mapping problems are detected synchronously. |
| 108 | |
| 109 | If unsure say "n". |
| 110 | |
| 111 | config PAGE_TABLE_CHECK_ENFORCED |
| 112 | bool "Enforce the page table checking by default" |
| 113 | depends on PAGE_TABLE_CHECK |
| 114 | help |
| 115 | Always enable page table checking. By default the page table checking |
| 116 | is disabled, and can be optionally enabled via page_table_check=on |
| 117 | kernel parameter. This config enforces that page table check is always |
| 118 | enabled. |
| 119 | |
| 120 | If unsure say "n". |
| 121 | |
Akinobu Mita | 6a11f75 | 2009-03-31 15:23:17 -0700 | [diff] [blame] | 122 | config PAGE_POISONING |
Laura Abbott | 8823b1d | 2016-03-15 14:56:27 -0700 | [diff] [blame] | 123 | bool "Poison pages after freeing" |
Masahiro Yamada | a7f7f62 | 2020-06-14 01:50:22 +0900 | [diff] [blame] | 124 | help |
Laura Abbott | 8823b1d | 2016-03-15 14:56:27 -0700 | [diff] [blame] | 125 | Fill the pages with poison patterns after free_pages() and verify |
| 126 | the patterns before alloc_pages. The filling of the memory helps |
| 127 | reduce the risk of information leaks from freed data. This does |
Kees Cook | 8c9a134 | 2018-08-21 21:53:10 -0700 | [diff] [blame] | 128 | have a potential performance impact if enabled with the |
| 129 | "page_poison=1" kernel boot option. |
Laura Abbott | 8823b1d | 2016-03-15 14:56:27 -0700 | [diff] [blame] | 130 | |
| 131 | Note that "poison" here is not the same thing as the "HWPoison" |
| 132 | for CONFIG_MEMORY_FAILURE. This is software poisoning only. |
| 133 | |
Vlastimil Babka | 8f42475 | 2020-12-14 19:13:41 -0800 | [diff] [blame] | 134 | If you are only interested in sanitization of freed pages without |
| 135 | checking the poison pattern on alloc, you can boot the kernel with |
| 136 | "init_on_free=1" instead of enabling this. |
| 137 | |
Laura Abbott | 8823b1d | 2016-03-15 14:56:27 -0700 | [diff] [blame] | 138 | If unsure, say N |
| 139 | |
Joonsoo Kim | 95813b8 | 2016-03-17 14:19:29 -0700 | [diff] [blame] | 140 | config DEBUG_PAGE_REF |
| 141 | bool "Enable tracepoint to track down page reference manipulation" |
| 142 | depends on DEBUG_KERNEL |
| 143 | depends on TRACEPOINTS |
Masahiro Yamada | a7f7f62 | 2020-06-14 01:50:22 +0900 | [diff] [blame] | 144 | help |
Joonsoo Kim | 95813b8 | 2016-03-17 14:19:29 -0700 | [diff] [blame] | 145 | This is a feature to add tracepoint for tracking down page reference |
| 146 | manipulation. This tracking is useful to diagnose functional failure |
| 147 | due to migration failures caused by page reference mismatches. Be |
| 148 | careful when enabling this feature because it adds about 30 KB to the |
| 149 | kernel code. However the runtime performance overhead is virtually |
| 150 | nil until the tracepoints are actually enabled. |
Jinbum Park | 2959a5f | 2017-02-27 14:30:22 -0800 | [diff] [blame] | 151 | |
| 152 | config DEBUG_RODATA_TEST |
| 153 | bool "Testcase for the marking rodata read-only" |
| 154 | depends on STRICT_KERNEL_RWX |
Masahiro Yamada | a7f7f62 | 2020-06-14 01:50:22 +0900 | [diff] [blame] | 155 | help |
Jinbum Park | 2959a5f | 2017-02-27 14:30:22 -0800 | [diff] [blame] | 156 | This option enables a testcase for the setting rodata read-only. |
Steven Price | 30d621f | 2020-02-03 17:36:20 -0800 | [diff] [blame] | 157 | |
Zong Li | 375d315 | 2020-06-03 16:03:52 -0700 | [diff] [blame] | 158 | config ARCH_HAS_DEBUG_WX |
| 159 | bool |
| 160 | |
| 161 | config DEBUG_WX |
| 162 | bool "Warn on W+X mappings at boot" |
| 163 | depends on ARCH_HAS_DEBUG_WX |
| 164 | depends on MMU |
| 165 | select PTDUMP_CORE |
| 166 | help |
| 167 | Generate a warning if any W+X mappings are found at boot. |
| 168 | |
| 169 | This is useful for discovering cases where the kernel is leaving W+X |
| 170 | mappings after applying NX, as such mappings are a security risk. |
| 171 | |
| 172 | Look for a message in dmesg output like this: |
| 173 | |
| 174 | <arch>/mm: Checked W+X mappings: passed, no W+X pages found. |
| 175 | |
| 176 | or like this, if the check failed: |
| 177 | |
| 178 | <arch>/mm: Checked W+X mappings: failed, <N> W+X pages found. |
| 179 | |
| 180 | Note that even if the check fails, your kernel is possibly |
| 181 | still fine, as W+X mappings are not a security hole in |
| 182 | themselves, what they do is that they make the exploitation |
| 183 | of other unfixed kernel bugs easier. |
| 184 | |
| 185 | There is no runtime or memory usage effect of this option |
| 186 | once the kernel has booted up - it's a one time check. |
| 187 | |
| 188 | If in doubt, say "Y". |
| 189 | |
Steven Price | 30d621f | 2020-02-03 17:36:20 -0800 | [diff] [blame] | 190 | config GENERIC_PTDUMP |
| 191 | bool |
| 192 | |
| 193 | config PTDUMP_CORE |
| 194 | bool |
| 195 | |
| 196 | config PTDUMP_DEBUGFS |
| 197 | bool "Export kernel pagetable layout to userspace via debugfs" |
| 198 | depends on DEBUG_KERNEL |
| 199 | depends on DEBUG_FS |
| 200 | depends on GENERIC_PTDUMP |
| 201 | select PTDUMP_CORE |
| 202 | help |
| 203 | Say Y here if you want to show the kernel pagetable layout in a |
| 204 | debugfs file. This information is only useful for kernel developers |
| 205 | who are working in architecture specific areas of the kernel. |
| 206 | It is probably not a good idea to enable this feature in a production |
| 207 | kernel. |
| 208 | |
| 209 | If in doubt, say N. |
Zhaoyang Huang | b2db9ef | 2023-01-19 09:22:24 +0800 | [diff] [blame] | 210 | |
| 211 | config HAVE_DEBUG_KMEMLEAK |
| 212 | bool |
| 213 | |
| 214 | config DEBUG_KMEMLEAK |
| 215 | bool "Kernel memory leak detector" |
| 216 | depends on DEBUG_KERNEL && HAVE_DEBUG_KMEMLEAK |
| 217 | select DEBUG_FS |
| 218 | select STACKTRACE if STACKTRACE_SUPPORT |
| 219 | select KALLSYMS |
| 220 | select CRC32 |
| 221 | select STACKDEPOT |
| 222 | select STACKDEPOT_ALWAYS_INIT if !DEBUG_KMEMLEAK_DEFAULT_OFF |
| 223 | help |
| 224 | Say Y here if you want to enable the memory leak |
| 225 | detector. The memory allocation/freeing is traced in a way |
| 226 | similar to the Boehm's conservative garbage collector, the |
| 227 | difference being that the orphan objects are not freed but |
| 228 | only shown in /sys/kernel/debug/kmemleak. Enabling this |
| 229 | feature will introduce an overhead to memory |
| 230 | allocations. See Documentation/dev-tools/kmemleak.rst for more |
| 231 | details. |
| 232 | |
| 233 | Enabling DEBUG_SLAB or SLUB_DEBUG may increase the chances |
| 234 | of finding leaks due to the slab objects poisoning. |
| 235 | |
| 236 | In order to access the kmemleak file, debugfs needs to be |
| 237 | mounted (usually at /sys/kernel/debug). |
| 238 | |
| 239 | config DEBUG_KMEMLEAK_MEM_POOL_SIZE |
| 240 | int "Kmemleak memory pool size" |
| 241 | depends on DEBUG_KMEMLEAK |
| 242 | range 200 1000000 |
| 243 | default 16000 |
| 244 | help |
| 245 | Kmemleak must track all the memory allocations to avoid |
| 246 | reporting false positives. Since memory may be allocated or |
| 247 | freed before kmemleak is fully initialised, use a static pool |
| 248 | of metadata objects to track such callbacks. After kmemleak is |
| 249 | fully initialised, this memory pool acts as an emergency one |
| 250 | if slab allocations fail. |
| 251 | |
| 252 | config DEBUG_KMEMLEAK_TEST |
| 253 | tristate "Simple test for the kernel memory leak detector" |
| 254 | depends on DEBUG_KMEMLEAK && m |
| 255 | help |
| 256 | This option enables a module that explicitly leaks memory. |
| 257 | |
| 258 | If unsure, say N. |
| 259 | |
| 260 | config DEBUG_KMEMLEAK_DEFAULT_OFF |
| 261 | bool "Default kmemleak to off" |
| 262 | depends on DEBUG_KMEMLEAK |
| 263 | help |
| 264 | Say Y here to disable kmemleak by default. It can then be enabled |
| 265 | on the command line via kmemleak=on. |
| 266 | |
| 267 | config DEBUG_KMEMLEAK_AUTO_SCAN |
| 268 | bool "Enable kmemleak auto scan thread on boot up" |
| 269 | default y |
| 270 | depends on DEBUG_KMEMLEAK |
| 271 | help |
| 272 | Depending on the cpu, kmemleak scan may be cpu intensive and can |
| 273 | stall user tasks at times. This option enables/disables automatic |
| 274 | kmemleak scan at boot up. |
| 275 | |
| 276 | Say N here to disable kmemleak auto scan thread to stop automatic |
| 277 | scanning. Disabling this option disables automatic reporting of |
| 278 | memory leaks. |
| 279 | |
| 280 | If unsure, say Y. |
| 281 | |